
A Security Access Module Chip can hold up to 128 keys. So what is the use of having multiple SAM slots in a device / POS terminal? Is it only for the purpose of separation of concerns?

San

1 Answer


(Not sure what it has to do with programming, but here we go...)

There are many SAM types, e.g.:

And most of them deal with very specific technologies -- so in case you need to support two different ones (say MIFARE and FeliCa) you can't simply combine both SAMs into one physical smart card.

Even if you deal with the same technology (say MIFARE in public transportation) or with loadable SAM applets which technically could reside in a single physical Java Card -- you still have different key-owners who do not want (or simply can't) inject their keys into any third-party device.

It is not easy to deal correctly with the life-cycle of a single SAM owned by a single entity in a provably secure/trustworthy way... introducing more parties makes it even more complicated (not to mention the problems with configuration/deployment/servicing of such super-SAMs).

My bet is that this is the reason why Secure Elements in smartphones are still not extensively used (even when GlobalPlatform & other standardization bodies pave the way).

This is my humble point of view, please do validate my thoughts...

Good luck!

PS: I have heard of cases where four SAM slots were not enough.

vlp
  • I assume that the main reason is organizational. No institution will provide its key values to the SAM issuer, just to get them stored, since nothing can be done to enforce the *store-only* use. – guidot May 02 '17 at 08:33
  • @guidot Technically -- any number of key-owners can inject their keys into SAMs directly at their own secure facility (given the physical SAMs are transported there before being deployed) without passing the key values directly to the SAM owner (of course under strict controls/protocols/proofs) -- but SAM technology needs to support this scenario (and stay secure doing so). Because of that I emphasized different SAM types enforcing different key uses (which is IMHO the core purpose of using SAMs -- to control the usage of securely stored cryptographic material -- e.g. not to allow... – vlp May 02 '17 at 13:56
  • ...any direct encryption with a master key used to derive unique card authentication keys). And such technology/application specific SAMs can't be easily combined into one physical card. – vlp May 02 '17 at 13:57
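
The key-usage point made in the comments (a master key that may only derive card keys, never be used directly), as an added example that is not part of the original thread. `ToySAM`, `denied` and `demo` are hypothetical names, HMAC-SHA256 stands in for whatever diversification algorithm a real SAM uses, and the UID is a constructed sample value.

```python
import hashlib
import hmac
import os

class ToySAM:
    """Toy SAM model: keys go in, never come out, and each key is bound to allowed uses."""
    def __init__(self):
        self._slots = {}  # key number -> (owner, allowed uses, key bytes)

    def inject_key(self, key_no, owner, uses, key):
        # A slot belongs to the party that loaded it; nobody else may overwrite it.
        if key_no in self._slots and self._slots[key_no][0] != owner:
            raise PermissionError(f"slot {key_no} is owned by another party")
        self._slots[key_no] = (owner, frozenset(uses), bytes(key))

    def _key_for(self, key_no, use):
        _owner, uses, key = self._slots[key_no]
        if use not in uses:
            raise PermissionError(f"key {key_no} may not be used for '{use}'")
        return key

    def mac(self, key_no, data):
        # General-purpose operation directly under the stored key.
        return hmac.new(self._key_for(key_no, "mac"), data, hashlib.sha256).digest()

    def card_response(self, key_no, card_uid, challenge):
        # Derive the per-card key inside the SAM; only the response leaves it.
        master = self._key_for(key_no, "derive")
        card_key = hmac.new(master, card_uid, hashlib.sha256).digest()
        return hmac.new(card_key, challenge, hashlib.sha256).digest()

def denied(call, *args):
    try:
        call(*args)
    except PermissionError:
        return True
    return False

def demo():
    master, challenge = os.urandom(32), os.urandom(16)
    uid = bytes.fromhex("04a1b2c3d4e5f6")  # constructed sample card UID
    strict, lax = ToySAM(), ToySAM()
    strict.inject_key(1, "operator-A", {"derive"}, master)
    lax.inject_key(1, "operator-A", {"derive", "mac"}, master)
    # Lax policy: direct use of the master key hands the per-card key to the caller.
    card_key = lax.mac(1, uid)
    outside = hmac.new(card_key, challenge, hashlib.sha256).digest()
    key_exposed = hmac.compare_digest(outside, lax.card_response(1, uid, challenge))
    other_owner = denied(strict.inject_key, 1, "operator-B", {"mac"}, os.urandom(32))
    return key_exposed, denied(strict.mac, 1, uid), other_owner
```

`demo()` returns three booleans: the lax policy exposes the card key, the derive-only policy refuses direct use of the master key, and a second key owner cannot overwrite the first owner's slot.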